November 2025 Patch Tuesday: Comment from Satnam Narang, Sr. Staff Research Engineer, Tenable

“Microsoft patched just 63 vulnerabilities in its November Patch Tuesday release, a 62% drop from last month’s 167 CVEs. Don’t be deceived by the drop-off in patched vulnerabilities. November’s release is still rich in notable fixes.

“This month, only one zero-day vulnerability was patched as part of Patch Tuesday. CVE-2025-62215 is an elevation of privilege flaw in the Windows Kernel. While the description says exploitation requires an attacker to win a race condition, which is often a barrier as a prerequisite, Microsoft confirmed this vulnerability was exploited in the wild. While we don’t have the full scope regarding exploitation, based on the fact that this is a privilege escalation flaw, it was likely used as part of post-exploitation activity by an attacker, meaning they leveraged some other method to gain access to their target system, such as social engineering, phishing, or exploitation of another vulnerability. This is one of 11 privilege escalation bugs patched in the Windows Kernel in 2025.

“Microsoft also patched CVE-2025-62222, a remote code execution vulnerability in the Microsoft Visual Studio Code CoPilot Chat Extension. This stems from a command injection flaw, which could enable an attacker to gain code execution privileges. While it is rated as less likely to be exploited, it underscores a growing interest in finding bugs in generative AI or agentic AI, which includes large language models, whether foundational models or open source models, and the AI-assisted code editing tools.” — Satnam Narang, senior staff research engineer, Tenable